skills/addozhang/jk/jk-jenkins-cli/Gen Agent Trust Hub

jk-jenkins-cli

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill demonstrates a strong security posture by explicitly forbidding the exposure of Jenkins credentials, tokens, or configuration files in agent responses.
  • [COMMAND_EXECUTION]: While the skill executes CLI commands to interact with Jenkins, it implements a 'read-first' approach. It requires the agent to perform inspection before state-changing operations and mandates human confirmation for actions like triggering builds, approving input steps, or cancelling jobs.
  • [PROMPT_INJECTION]: The skill processes potentially untrusted external data from Jenkins build logs. The risk of indirect prompt injection is mitigated through instructions that require the agent to summarize findings and obtain explicit authorization before acting on information found in logs.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 06:59 PM
Security Audit — agent-trust-hub — jk-jenkins-cli